HOW SECURE ELEMENTS ENHANCE DIGITAL KEYS
The availability of the Car Connectivity Consortium® (CCC) digital key release 3.0 specification has made proprietary smartphone car access a thing of the past. The worldwide cross-industry standard has ushered in a trend towards standardized smartphone-based car access using Ultra-Wideband (UWB), Bluetooth® Low Energy (BLE), Near Field Communication (NFC) and secure element technologies.
This upward trend of digital key usage also applies to CCC-certified secure elements. Since they are mandated in smartphones and are often desired on the vehicle-side to provide an extra level of security, secure elements play a prominent role in the new smart access ecosystems.
Digital Keys for the Vehicle-Side
CCC digital keys for the vehicle-side often feature a JavaCard Open Platform (JCOP) applet for highly secure and performant CCC digital key management in a security-certified environment. It is the counterpart to the secure element in the smartphone where the CCC digital key applet is also running.
If the smartphone battery is running low during a journey, NFC technology is required to ensure backup entry and start functionality. Because of this, NFC technology is mandated to be CCC standard compliant. This also drives the trend of adding secure NFC enabled smart cards and smart fobs, extending the car access system of a car OEM. In addition, similar applets can run on a smart card or smart fob just as they can on a smartphone. NXP’s NCJ38A secure element is an example of a vehicle-side CCC digital key.
Digital Keys for the Smart Fob
For the smart fob, which will soon leverage NFC, BLE and UWB technologies within a system, NXP recently announced the NCJ37x Automotive Secure Element with hardware EAL6+ certification and a CCC digital key compatible applet. Its passive NFC interface can serve as the access and start backup, even when the key fob’s battery is fully drained. And with its strong security capability, the Secure Element can be responsible for high-secure digital key Management within the smart fob system when communication is done via BLE and UWB. The connection to the BLE and UWB ICs can be implemented using NCJ37x’s SPI or I2C interface.
Secure End-to-End Communication
Within a CCC digital key compatible smart fob, the NCJ37x Secure Element will, for example, hold the digital key of a specific car, or generate a UWB ranging key to ensure secure distance calculation to the car for passive entry and start functionalities. NXP can supply both, the NCJ37x Secure Element in the fob and the NCJ38A Secure Element on the car side. Using NXP’s trust provisioning service, the required certificates and other credentials can be securely flashed on the NCJ37x and NCJ38A secure elements. This will allow secure end-to-end (E2E) communication between the fob Secure Element and car-side secure elements and its CCC digital key compatible applets.
"NCJ37x is not only limited to the CCC digital key compatible applet, with its flexible JCOP OS, it can also run many other secure applets, such as an applet supporting a proprietary car OEM authentication protocol, or even NXP’S MIFARE emulation applet. If customers want to develop their own applets, NXP offers a sophisticated JCOP toolchain to ease their design-ins." Marc Manninger, NXP Semiconductors.
Extending Capability to Car-Side Applications
NXP’s NCJ37x secure element can also serve several car-side applications, such as secure car-to-cloud communication, securing battery management systems (BMS), or authentication for wireless charging modules.
For wireless charging, the secure element comes with a Qi 1.3 applet and the capability of secure personalization. As a Wireless Power Consortium (WPC) Manufacturing Certificate Authority (MCA), NXP can securely provision the required certificates for a Qi 1.3 charger in a secure environment. With the NCJ37x CC EAL6+ certified hardware, the Qi 1.3 authentication applet and NXP’s MCA trust provisioning service, NXP offers a full solution for implementing the authentication protocol for a WPC Qi 1.3 compliant wireless charger. Typically these chargers are also the in-car NFC reader module, which is needed for CCC digital key NFC-based engine start.
Taking Digital Keys to the Next Level
Secure elements are an important part of the digital key ecosystem and finding the right solution is crucial. With its versatile feature set, the NCJ37x is a great fit for the next generation of smart access key fobs and many more highly-secure automotive applications.
Author - Marc Manninger NXP Product & Marketing Manager